<?php
if (isset($_SESSION)) {session_destroy();}
session_start();
?>


<html lang="ru">
<head>

	<meta http-equiv="x-ua-compatible" content="ie=edge">
	<meta name="description" content="">
	<meta name="viewport" content="width=device-width, initial-scale=1">

	<!-- <link rel="manifest" href="site.webmanifest"> -->
	<link rel="shortcut icon" type="image/x-icon" href="img/blog/favicon.png">
	<!-- Place favicon.ico in the root directory -->

	<!-- CSS here -->
	<link rel="stylesheet" href="css/bootstrap.min.css">
	<link rel="stylesheet" href="css/owl.carousel.min.css">
	<link rel="stylesheet" href="css/magnific-popup.css">
	<link rel="stylesheet" href="css/font-awesome.min.css">
	<link rel="stylesheet" href="css/themify-icons.css">
	<link rel="stylesheet" href="css/nice-select.css">
	<link rel="stylesheet" href="css/flaticon.css">
	<link rel="stylesheet" href="css/gijgo.css">
	<link rel="stylesheet" href="css/animate.css">
	<link rel="stylesheet" href="css/slicknav.css">
	<link rel="stylesheet" href="css/style.css">



    <meta charset="UTF-8">
	<link rel="stylesheet" href="style.css">
	<link rel="preconnect" href="https://fonts.gstatic.com">
	<link href="https://fonts.googleapis.com/css2?family=Open+Sans&display=swap" rel="stylesheet">
	
    <title>Частная клиника имени Лазарева</title>
</head>
<body>
<div class="container">
    <div class="row">
		<div class="col">
			<h2>Авторизируйтесь для доступа:</h2>
			<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="post">
				<label>
					Имя:
					<input type="text" class="form-control" placeholder="" name="user_name">
				</label>
				<label>
					Пароль:
					<input type="password" class="form-control" placeholder="" name="user_password">
				</label>
				
				
				<button type="submit" class="btn btn-primary" name="goin" >Войти</button>
				<button type="submit" class="btn btn-primary" >Назад</button>
			</form>
		

<?php
	if (isset($_POST['goin'])){
		if (empty($_POST['user_name'])){die ("<label>Не все поля заполнены</label>");}
		if (empty($_POST['user_password'])){die ("<label>Не все поля заполнены</label>");}
		
		$user = 'root';
		$pass = '';
		$dbh = new PDO('mysql:host=localhost;dbname=doctor', $user, $pass);
		
		$user_name = $_POST['user_name'];
		$user_password = $_POST['user_password'];
		
		$sth = $dbh->prepare(
					"SELECT * FROM `users` WHERE `user_name` = :user_name AND `user_password` = :user_password");
		$sth->execute(array(
			'user_name' => $user_name,
			'user_password' => $user_password
		));
		
		$res = $sth->fetch(PDO::FETCH_ASSOC);
		if (!$res['user_id']) {
			die ("<br> Что-то введено неверно, не удаолсь войти, попробуй ещё раз");
		} else {
			$arr = $res;
			$_SESSION['user_name']= $arr['user_name']; 
			$_SESSION['user_id']= $arr['user_id'];
			$_SESSION['user_role']= $arr['user_role'];
			header('Location: index.php');
		}
	}
?>

		</div>
	</div>
</div>

</body>
</html>